xref: /illumos-gate/usr/src/common/smbclnt/smbfs_ntacl.h (revision 46c8d03d0f8e1cb310d5718baabb8d78e9d30a7b)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #ifndef _SMBFS_NTACL_H
28 #define	_SMBFS_NTACL_H
29 
30 /*
31  * Internal functions for dealing with
32  * NT Security data structures.
33  */
34 
35 #include <netsmb/mchain.h>
36 
37 /*
38  * Internal form of an NT SID
39  * Same as on the wire, but possibly byte-swapped.
    *
    * Only one sub-authority slot is declared; I_SID_SIZE(n) gives the
    * byte size of a SID holding n sub-authorities (pre-C99 trailing-array
    * idiom), so sizeof (i_ntsid_t) is only right for n == 1.
    *
    * NOTE(review): sid_subauthcount mirrors a wire field. Confirm the
    * importer bounds it (NT allows at most 15 sub-authorities) and checks
    * it against the bytes actually received before it sizes an allocation
    * or indexes sid_subauthvec[].
40  */
41 typedef struct i_ntsid {
42 	uint8_t	sid_revision;
43 	uint8_t	sid_subauthcount;	/* entries used in sid_subauthvec[] */
44 	uint8_t	sid_authority[6];	/* 48-bit identifier authority */
45 	uint32_t sid_subauthvec[1]; /* actually len=subauthcount */
46 } i_ntsid_t;
47 #define	I_SID_SIZE(sacnt)	(8 + 4 * (sacnt))	/* 8 fixed bytes + 4 per sub-authority */
48 
49 /*
50  * Internal form of an NT ACE
    *
    * One access-control entry: a type, flags, a rights mask, and a
    * pointer to the SID the entry applies to.  Unlike the SID above,
    * the SID is referenced by pointer rather than stored inline.
    * NOTE(review): ace_sid is presumably owned by the enclosing SD and
    * released by smbfs_acl_free_sd() - confirm before freeing separately.
51  */
52 typedef struct i_ntace {
53 	uint8_t	ace_type;
54 	uint8_t	ace_flags;
55 	uint32_t	ace_rights; /* generic, standard, specific, etc */
56 	i_ntsid_t	*ace_sid;	/* SID this entry applies to */
57 } i_ntace_t;
58 
59 /*
60  * Internal form of an NT ACL (see sacl/dacl below)
    *
    * acl_acevec[] is declared with one slot but holds acl_acecount
    * pointers, so the allocation size depends on the count.
    * NOTE(review): acl_acecount presumably comes from the wire ACL
    * header; confirm it is checked against the received length before
    * the vector is allocated or walked.
61  */
62 typedef struct i_ntacl {
63 	uint8_t	acl_revision;	/* 0x02 observed with W2K */
64 	uint16_t	acl_acecount;	/* entries used in acl_acevec[] */
65 	i_ntace_t	*acl_acevec[1]; /* actually, len=acecount */
66 } i_ntacl_t;
67 
68 /*
69  * Internal form of an NT Security Descriptor (SD)
    *
    * Owner, group and both ACLs are held by pointer.
    * NOTE(review): a component that is absent is presumably a NULL
    * pointer here - confirm.  In NT semantics an absent DACL and an
    * empty DACL mean opposite things (no restriction vs. no access),
    * so check how the converters treat sd_dacl == NULL versus a DACL
    * with acl_acecount == 0.
70  */
71 typedef struct i_ntsd {
72 	uint8_t		sd_revision;	/* 0x01 observed between W2K */
73 	uint8_t		sd_rmctl;	/* resource mgr control (MBZ) */
74 	uint16_t	sd_flags;
75 	i_ntsid_t	*sd_owner;	/* owner SID */
76 	i_ntsid_t	*sd_group;	/* primary group SID */
77 	i_ntacl_t	*sd_sacl;	/* system ACL (auditing) */
78 	i_ntacl_t	*sd_dacl;	/* discretionary ACL (access control) */
79 } i_ntsd_t;
80 
81 /*
82  * Import a raw SD (mb chain) into "internal" form.
83  * (like "absolute" form per. NT docs)
84  * Returns allocated data in sdp
    * Release the result with smbfs_acl_free_sd().
    *
    * NOTE(review): the raw SD is received message data, so the offsets
    * and counts inside it should be treated as untrusted; confirm the
    * implementation rejects values that point outside the chain.
    * Return convention is not visible here (presumably 0 on success,
    * an errno value otherwise) - confirm.
85  */
86 int md_get_ntsd(mdchain_t *mbp, i_ntsd_t **sdp);
87 
88 /*
89  * Export an "internal" SD into a raw SD (mb chain).
90  * (a.k.a "self-relative" form per. NT docs)
91  * Returns allocated mbchain in mbp.
    * NOTE(review): return convention is not visible here (presumably
    * 0 on success, an errno value otherwise) - confirm.
92  */
93 int mb_put_ntsd(mbchain_t *mbp, i_ntsd_t *sd);
94 
95 /*
96  * Convert an internal SD to a ZFS-style ACL.
97  * Get uid/gid too if pointers != NULL.
    *
    * The ACL argument is a vsecattr_t in kernel builds and an acl_t
    * otherwise; the remaining arguments are the same in both.
    * NOTE(review): how SIDs that have no local mapping are represented
    * in the resulting ACL is not visible here - confirm, since that
    * decides what a local caller sees for unknown principals.
98  */
99 #ifdef	_KERNEL
100 int smbfs_acl_sd2zfs(i_ntsd_t *, vsecattr_t *, uid_t *, gid_t *);
101 #else /* _KERNEL */
102 int smbfs_acl_sd2zfs(i_ntsd_t *, acl_t *, uid_t *, gid_t *);
103 #endif /* _KERNEL */
104 
105 /*
106  * Convert a ZFS-style ACL to an internal SD.
107  * Include owner/group too if uid/gid != -1.
     *
     * The new SD is returned through the last argument; release it
     * with smbfs_acl_free_sd().  The ACL argument is a vsecattr_t in
     * kernel builds and an acl_t otherwise.
108  */
109 #ifdef	_KERNEL
110 int smbfs_acl_zfs2sd(vsecattr_t *, uid_t, gid_t, i_ntsd_t **);
111 #else /* _KERNEL */
112 int smbfs_acl_zfs2sd(acl_t *, uid_t, gid_t, i_ntsd_t **);
113 #endif /* _KERNEL */
114 
115 /*
116  * Free an i_ntsd_t, as returned by md_get_ntsd()
117  * or smbfs_acl_zfs2sd().
     * NOTE(review): presumably also frees the SIDs, ACLs and ACEs the
     * SD points to; whether a NULL argument is accepted is not visible
     * here - confirm both before relying on them in error paths.
118  */
119 void smbfs_acl_free_sd(struct i_ntsd *);
120 
121 /*
122  * Convert an NT SID to string format.
     *
     * obuf/olen are the output buffer and its size.
     * NOTE(review): confirm that a SID whose text form does not fit in
     * olen bytes yields an error rather than a truncated string, since
     * a truncated SID string can name a different principal.
     * ridp presumably receives the final sub-authority (the RID) when
     * non-NULL - confirm against the implementation.
123  */
124 int smbfs_sid2str(i_ntsid_t *sid,
125 	char *obuf, size_t olen, uint32_t *ridp);
126 
127 #endif	/* _SMBFS_NTACL_H */
128